Build Better Defenses
October 29–30, 2017: Training
October 30–November 1, 2017: Tutorials & Conference
New York, NY

Speaker slides & video

Presentation slides will be made available after the session has concluded and the speaker has given us the files. Check back if you don't see the file you're looking for—it might be available later! (However, please note some speakers choose not to share their presentations.)

Rachel Roumeliotis (O'Reilly Media), Allison Miller (Google)
The second annual O’Reilly Defender Awards acknowledge and celebrate our security heroes and heroines who have demonstrated exceptional leadership, creativity, and collaboration in the defensive security field. These honors will be presented during keynotes.
Window Snyder (Fastly )
You can spend your entire security budget on signal-based technologies (such as endpoint security, antimalware, and vulnerability detection) and incrementally improve the security of your environment. But the real value is in people. Join Window Snyder to learn why the basics are hard to implement consistently but will get you a lot further than yet another set of signal-based tools.
Neal Mueller (Google), Max Saltonstall (Google)
Most companies today use some variation of the firewall or “fortress” model for perimeter security. This model assumes everything on the outside is dangerous and everything in the inside is safe and worked well when employees worked on desktop computers at the company HQ. Neal Mueller and Max Saltonstall offer an overview of Google’s BeyondCorp, a new model for today's dispersed BYOD workforce.
Runa Sandvik (New York Times)
The New York Times has staked its future on being a destination for readers. As a result, the company is working to incrementally improve the security of its environment. Drawing on this work, Runa Sandvik shares practical lessons on how to build and foster a culture of security across an organization.
Danielle Leong (GitHub)
Online safety has become a huge problem in the world of oversharing. Real-name policies, automatic geolocation tracking, and photo tagging increase user adoption rates, but these features can be quickly abused by bad actors. Danielle Leong explains how to apply a "consent filter" to product decisions to create a safer user experience and help protect your most vulnerable users from harm.
Quiessence Phillips (City of New York)
In a daily fight to secure organizations, security analysts are inundated with a massive log set (if one is so fortunate), but with it comes a high signal-to-noise ratio. Increase your signal by adding context to your logs. Join Quiessence Phillips to learn about the type of context that could be added and the value of its addition.
Fredrick Lee (Square)
Traditionally we security professionals have been viewed as gate keepers, rule enforcers, and the people who say "no." Fredrick Lee shines a light on the ways security has allowed the world to do more and encourages security professionals to solve the difficult problems that will allow us to say "yes." Our profession needs to reach beyond being gatekeepers and move toward being gate openers.
Kyle Randolph (Optimizely)
It's a huge act of trust for an established company to allow a startup access to its data and infrastructure. Kyle Randolph shares lessons learned building an enterprise SaaS startup, where security went from zero to paramount as the company scaled, and explains how to meet customers' needs, how to sell security to management, and how to build security into engineering.
Haroon Meer (Thinkst)
The frequency and impact of recent high-profile breaches has been positively depressing. However, a new type of security engineering is taking root, which suggests hope for effective corporate security at enterprise scale. Haroon Meer highlights these hopeful examples in a bid to encourage more people to plot a course toward achievable security.
Jack Naglieri (Airbnb), Austin Byers (Airbnb)
The advent of serverless technologies and infrastructure as code has changed how we build and deploy security services, empowering teams to create low-cost, scalable, and secure services to protect organizations. Drawing on their real-world experiences, Jack Naglieri and Austin Byers explore tools and techniques for successfully building, deploying, and debugging serverless security applications.
Chris Wysopal (Veracode)
If great software is secure software, why are there still so many vulnerabilities? Don’t architects and developers want to build great systems? Chris Wysopal details how defenders can enable developers to create secure software through coaching, shared code, and services.
Alexandra Ulsh (Mapbox)
Launching a bug bounty program is hard. Running and maintaining a successful bug bounty program is even harder. Using real-world stories of both failure and success, Alexandra Ulsh details how Mapbox's security team used tools, processes, automation, and empathy to decrease response time by 90%, reduce noise, and improve average report quality for its bug bounty program.
Julian Wong (DataVisor)
Using research from more than one billion users, 500 billion events, and 50 million malicious accounts collected from global online services, Julian Wong details some of the sophisticated attack techniques being used by modern day online criminals and demonstrates how these types of attacks can be detected and mitigated by leveraging artificial intelligence.
Bart Miller (University of Wisconsin-Madison), Elisa Heymann (University of Wisconsin-Madison)
Drawing from their experience performing vulnerability assessments of critical middleware, Bart Miller and Elisa Heymann walk you through the programming practices that can lead to security vulnerabilities and demonstrate how to automate tools for finding security weaknesses. You'll learn skills critical for software developers and analysts concerned with security.
DNS is critical to the operation of just about every organization operating today, but too many organizations overlook DNS as part of their security plan. This talk provides a practical step by step guide to ensuring an organization's DNS is secure.
Bobby Filar (Endgame), Rich Seymour (Endgame)
The security industry continues to struggle with alert fatigue as the talent shortage grows. Security has yet to fully embrace the power of UX to help security workers do more with less. Bobby Filar and Rich Seymour explain how they developed a chatbot, combining machine learning within an intuitive UI to expedite data search and discovery and enhance detection and response to security threats.
Gwen Betts (Komand)
User experience is often a forgotten piece in the broader information security puzzle. Security is difficult, especially for the average user, and many believe it’s already baked into the day-to-day software products they use, which isn’t always the case. Gwen Betts explains how a design-driven approach to security products and measures can drive greater adoption and acceptance.
Jason Hoenich (Habitu8)
Jason Hoenich explores the risks related to delivering poor awareness programs rather than adapting to changing needs and demands of the attack surface and learning behaviors of humans. Incorporating the key fundamental behavioral psychology nodes for establishing true culture change, and making the experience of the end user will move our programs to Security Awareness 2.0.
Katie Moussouris (Luta Security)
Computing has infiltrated society faster than we have been able to secure it. Defenders struggle with quantifying risk so that it translates into supported organizational changes and budget. Katie Moussouris explains how to transmute our suffering into kinetic and organizational changes and how to turn the forces that resist our defense activities into our biggest supporters in our organizations.
Jan Schaumann (The Internet)
Jan Schaumann shares insights into TLS cipher specs and protocols and threat analysis of dozens of vulnerabilities and attacks and explains how to effect change across a diverse legacy stack, how to collaborate with a significant number of teams on goals that may not be directly in line with their roadmaps, and how to get buy-in from your executives.
John Studarus (JHL Consulting), Cynthia Thomas (Midokura)
John Studarus and Cynthia Thomas demonstrate how to service-chain traffic through multiple security functions using virtualization and software-defined networking (SDN). John and Cynthia walk you through configuring and modifying layer 2 service chains with open source cloud security tools to monitor and block malicious traffic originating from a network of virtual machines.
Ido Safruti (PerimeterX), Amir Shaked (PerimeterX)
Ido Safruti and Amir Shaked offer an overview of the data analysis tools that every web security analyst should be familiar with in their daily work, including ELK, BigQuery, and Python as well as other helpful online services. These tools will help you analyze incidents on your web application and network and alert you when an attack starts.
Matt Stine (Pivotal)
Matt Stine offers an overview of the three principles of cloud-native security—rotate user credentials frequently, so they are only useful for a short time; repave servers and applications from a known good state often; and repair vulnerable software as soon as updates are available—and explains how this approach helps you deal with the exponentially increasing volume and velocity of threats.